Blog Archives

Despite all of the hype, social media isn’t the only way to promote a business. In fact, some businesses, despite whatever efforts they make, won’t get any business as a result of social media activities. For example, B2B (business to business) service businesses, such as lawyers, accountants, and Web site developers won’t likely get much from social media.

That said, all businesses in 2015 ought to have a credible social media presence. Even those that won’t get business from social media should have something out there that looks professional and up-to-date. That’s because people look there from time to time and you ought to look your best as people try and get a background on your business.

Here’s what a credible social media presence looks like:

At least 100 followers/likes/etc. – You want to make sure that if someone goes to your social media pages on Facebook, Twitter, Google Plus, etc, that it appears like more than just and your friend are the ones who are using it. You’ll want these to be real people — so a quick email to friends and clients asking them to “like” your page will usually get you to at least 100.

Branding that matches your Web site and other collateral materials — You want to make sure your social media pages have matching logos and other visuals that look like other materials your company produces.

Updated content — You need to have content that is updated recently to look credible.

Credible content -- You need to have content that is relevant to your business and looks like it was prepared with thought and intention.

In 2014, it has been the year of security for the Internet. Put more correctly, it has been a year of insecurity — very prominent vulnerabilities in major pieces of software, hacks that compromised millions of credit card numbers and lots of activity involving network intrusions.

One part that hasn’t received a lot of attention is the state of insecurity of many Web sites. Since the creation of the modern commercial Internet in the 90’s, sites that have transacted in credit card or other sensitive data have always had a “padlock” symbol in the browser, indicating that the conversation between users and the site were encrypted so no one else could easily see the contents of the conversation.

In the past few years, mostly in response to high profile incidents, major companies have begun encrypting email, search and social media sites – since they contain information that is private in the same way that credit cards are private.

But thanks to an effort underway, it looks like all sites will be encrypted in the near future. Right now, to encrypt, you need to buy a certificate and renew it sometimes yearly. It is a manual process that is annoying to work through. Let’s Encrypt, a non-profit funded by Mozilla, Cisco and others, promises a free and automated process. If that happens — and that new technology gets integrated into all major browsers, you’ll see most sites choose to encrypt and that will mean a safer Internet for everyone. Stay tuned!

A device that is used to do two factor authentication. Most Web sites send the code via text message, email, or app nowadays.

2014’s Time Person of the Year could very well be the anonymous hacker. After all, this year hackers have compromised private information from Snapchat, Yahoo, Dropbox, Apple, Microsoft Windows among many others. They’ve also compromised credit card data at Chase, Home Depot, Target, and many others. There have also been serious bugs found in Linux, which is the most popular operating system for servers.

Unfortunately, there is no one antidote for all of this. But there is a lesson — 2014 has taught us that companies and individuals need to do a better job securing data and to be more judicious about what we store on online systems.

One way we can all do this is to take advantage of two factor authentication. The idea is that in order to sign into a service for the first time from a device, you need a password and then something else. The “something else” is often a code that is sent via text message or app. That way, if someone gets your password, that isn’t enough for them to get into your account. Here’s a list of popular services, and how you can enable this important service:

Microsoft Accounts: Microsoft’s two-factor authentication sends you a code via text message or email when you attempt to log in from a new machine, though it also works with a number of authenticator apps. You can enable it here.

Yahoo! Mail: Yahoo’s two-factor authentication sends you a 6-digit code via text message when you attempt to log in from a new machine. You can enable it here.

Two Factor won’t fix Internet Security, but it is a prudent step that should help.

I don’t know about you, but my Facebook news feed has been overrun by people (friends, family and celebrities) taking the Ice Bucket Challenge. If you don’t know about it yet, it is about raising awareness and money for research into ALS. You either dump ice water on your self, donate $100 to the ALS foundation, or I’m guessing that some people do both. The foundation has raised millions of dollars from this viral idea, and taught millions about ALS. Mission accomplished.

Of course, there will be other foundations that will attempt follow on promotions that are similar to what was so successful for ALS. There will also be some for profit companies that will attempt (and likely fail) to do similar ideas. Those follow on ideas are reflexive — but not very creative. I’m most interested in the overall lessons this teaches so that my clients can learn from this and apply the concepts to future promotions. Here’s what I see as lessons from the ALS Ice Bucket Challenge:

People want to be involved in helping other people, but would like an easy way to do it. Donating money is hard, sitting at a community festival education people about your non-profit is hard — but dumping cold water is easy.

People want to be part of things others are doing. My neighborhood does a Thriller Flash mob for Halloween every year. The event is successful because it is a bunch of people having fun together — no one wants to dance Thriller by themselves.

Giving people choices is important. The challenge is $100 or dump ice water. The foundation has been successful with both — so I;m guessing some people are dumping water and also donating money. Giving people a choice allowed people to access the promotion at whatever level they wanted.

Imagine this: You are an electrician and you get this message from a prospective customer:

Calling all Electricians:
You could be eligible for a chance to win a trip to Las Vegas and have a display about your business at the MGM Grand during a big event. Simply sign up to run all of the wiring for one of our 100 events around the country. Click on this Web site for more information.

Of course, electricians are never asked to enter contests like this. But graphic designers are asked all of the time. What’s wrong with contests?

They aren’t good for designers: designers need to eat. If they can only get paid if they win a contest, then they can’t eat.

They aren’t good for clients: contests create quantity but not quality. A contest will generate hundreds of designs to choose from. A quality designer will give you far les to choose from, but all of their choices will be good for your business.

Came across a lead that never called me back for help with his Web development project. I called back again today and he said he had hired someone else. I was curious why, so I asked. He said he hired the 1st Web site developer who called.

There are many reasons why you shouldn’t hire the 1st designer who calls you, most are obvious. I guess the best part for me is that the type of client who makes decisions in that manner isn’t the client I’m trying to find for my business!

Curvine’s site apparently attracts more men than women. We’re using Google Analytics demographic information to generate this data.

Web site developers have been able to tell you a lot about users of Web sites. We could tell you:

How they visited the site: When a user visited, How many pages and which pages they visited,

About the user’s computer: What Web browser and Operating System they use, what screen resolution they have

The user’s general location: in what state and city they are located in (or if the user consented, a more specific location)

How they found the site: Did they find it by visiting it directly, clicking on an ad, or visiting a search engine.

There were (and are) limits. Here are some things we couldn’t tell you (unless the person self reported the information):

The user’s name and contact information

Their age or even their gender

Things they are interested in.

We still can’t tell you someone’s name or contact information, but thanks to Google, you can now get demographic information about a significant minority of your site’s visitors. It has some limitations:

Google only has age and gender and interest group information for some users, but not for all users. In my example site, we saw data on about 50% of users. Your mileage may vary.

You can’t see individual user’s data — you can only see an aggregate. You can combine it with other attributes (like # of pages visited) to get more data about each group.

It is 2014. There have been hundreds of reports of malicious users accessing credit card numbers over the Internet. Yet, I still come across people who have Web sites that store Credit Card Numbers using e-commerce systems that don’t have the security in place to manage this properly. Here are several reasons why not to do this:

– It is avoidable in most cases: By using an Authorize and Capture system you can store the authorization and later capture the funds, negating many scenarios that you would need to store a credit card numbers. Major payment processing gateways allow you to store credit card numbers on their server for recurring payments. There are almost no reasons left to store a credit card number on a e-commerce site’s server.

– In most cases you are violating rules from Visa & Mastercard. Credit card providers have rules in place to stop you from doing this.

- It is dangerous. If Target can be hacked, how much easier is it to attack your system? If you are attacked, you may have to pay fines and fees for dealing with the problem.

It has been less than a month since the announcement of a serious flaw in a software package used by many sites to keep information secure. The so-called “Heartbleed” bug took information that was supposed to be private on Web servers and made it theoretically available to a malicious user. The flaw has existed for 2 years, and so either everyone’s information has been available to certain malicious users for that amount of time, or the mistake was only discovered by the folks who fixed it and little to know information was compromised on systems that quickly patched. No one is sure which conjecture is true.

No matter what, here’s what we can learn:

People who properly patch their user and server computers will be more protected that those who don’t. Keeping up to date with new versions of software packages doesn’t fix everything, but it makes you more secure than if you didn’t. There are lots of uninformed people worried about the Heartbleed issue, but haven’t bothered to update past Windows XP, which no longer receives updates at all.

Having a multi-layered approach to security is the best: Relying on any one piece of technology to secure your data isn’t effective. We all need to use many different techniques. If you were securing an important government building from physical access, you wouldn’t rely on just a door lock — no matter how secure it is. You would “layer” a fence, a camera system and other tools to help the building. The same is true for Internet Security.

Beware of overly simplistic news headlines: I read many pieces during the initial roll out of the Heartbleed issue that were just completely wrong. Tech bloggers (such as Krebs on Security) were more likely to get the story right.

In the past 8 years, Curvine has been privileged to help many non-profit organizations with sponsorships, donations and free or reduced-fee Web design work. We’re happy to be helping two great organization at the moment:

Eastside Baby Corner was founded in 1990 because Karen Ridlon, a local pediatric nurse practitioner, became concerned about the large numbers of babies in her practice that began life without adequate food, clothing, beds or safety equipment.

Her commitment to giving these children a stronger start grew from a idea and a few items gathered in her dining room, into an agency that in 2013 distributed 40,069 orders of absolute essentials, valued at $4,527,034*.

For 50 weeks each year, volunteers and staff at Eastside Baby Corner collect community donations, purchase and distribute children’s and maternity items to families in collaboration with virtually every organization helping families in our area. Case managers from partner agencies assess the needs of the family, request the items from EBC, pick up and deliver them to the family. Serving a broad area in east King County that extends to the Cascade foothills and from south of Renton to the edge of Snohomish County, EBC serves as a diaper bank, a clothing bank, and a food source for more than 500 kids each week.

The Seattle Transit Blog is 501(c)(4) nonprofit organization that covers transit news for the the greater Seattle area. The blog also focuses on density and the urban form, and other forms of alternative transportation like bicycling and walking.